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DETAILED ACTION 

This action is in response to the communication filed on 7/6/09. 

All objections and rejections not set forth below have been withdrawn. 

Claims 1 - 7, 9, 13 - 33, and 35 - 40 are pending. 

Specification 

The specification is objected to as failing to provide proper antecedent basis for 
the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01 (o). Correction 
of the following is required: 

The specification fails to provide proper antecedent basis for the recitations (or 
essentially similar recitations) "a user-specific type field", "wherein the outer Ethernet 
header comprises a user-specific type field", as found recited within claims 5 - 7, 9, 18, 
30, 35, 36 and 38. 

The specification fails to provide proper antecedent basis for the recitations of 
"pre-populated with an address..." and "the pre-populated header" as found recited 
within claim 17. The examiner notes that the specification appears to disclose a header 
comprising an address but does not provide clear support or antecedent basis for the 
term "pre-populated" such that the meaning of the terms in the claims may be 
ascertainable by reference to the description. It appears that the applicant's 
amendment from a header comprising an address to a header "pre-populated" with an 
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address is an attempt to distinguish subject matter in a manner that is not supported 
and is not based upon the applicant's disclosure. 

The specification fails to provide proper antecedent basis for the recitations (or 
essentially similar recitations) 

"wherein a destination address of the second Ethernet packet is an address of 
the originating device" [e.g. claim 1], 

"a second Ethernet packet having a header pre-populated with an address of the 
originating device as the destination address", and "returning the second Ethernet 
packet to the originating device, wherein the returned second Ethernet packet includes 
the pre-populated header and the encrypted packet data" [e.g. claim 17], 

" wherein the first Ethernet packet includes a header having an address of the 
originating device as the destination address...", and "wherein the second Ethernet 
packet includes a header having an address of the security processor as the destination 
address, wherein a portion of the packet data of the generated first Ethernet packet is 
cryptographically processed by the security processor and the portion of the packet data 
is replaced with the cryptographically processed data when the first Ethernet packet is 
returned to the originating device" [e.g. claim 26], 

"a second Ethernet packet including a header having an address of the 
originating device as the destination address...", and "a unit configured to transmit the 
second Ethernet packet, including the at least a portion encrypted by the encryption 
processor, to the originating device" [e.g. claim 37]. 
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The examiner notes that the applicant's disclosure appears to provide antecedent 
basis for two distinct concepts: IPSec communication between hosts on a network (e.g. 
figs. 4, 9; par. 66, 76-78) and the configuration of a security processor (e.g. par. 63 - 
65). However, the applicant's specification does not support the mixture of security 
processor configuration and IPSec processing as presently claimed. In other words, a 
security processor either receives configuration packets, wherein packets may be sent 
back to a host device or a security processor may receive communication packets, 
wherein the processor performs IPSec processing upon such packets and sends them 
outbound over a network (e.g. see par. 63-66). 

Claim Rejections - 35 USC §112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

Claims 1 - 7, 9, 13 - 33, and 35 - 40 are rejected under 35 U.S.C. 112, first 
paragraph, as failing to comply with the written description requirement. The 

claim(s) contains subject matter which was not described in the specification in such a 
way as to reasonably convey to one skilled in the relevant art that the inventor(s), at the 
time the application was filed, had possession of the claimed invention. Applicant has 
not clearly pointed out where the new (or amended) claim is supported, nor does there 
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appear to be a written description of the claim limitations in the application as filed (see 
above objection to the specification). 

For example, applicant claims that "a user-specific type field" is supported by the 
specification, paragraph 60. However, the examiner notes that the applicant's citation of 
the alleged support merely refers to the prior art Ethernet type field. The examiner 
reminds the applicant that the claim or claims must conform to the invention as set forth 
in the remainder of the specification and the terms and phrases used in the claims must 
find clear support or antecedent basis in the description so that the meaning of the 
terms in the claims may be ascertainable by reference to the description. 

Furthermore, as example, it is noted that applicant refers to paragraphs 64 and 
65 of the applicant's specification for returning packets that have been IPSec processed 
back to a host device, however, the examiner notes that paragraphs 64 and 65 pertain 
to a discussion of configuration packets as opposed to IPSec communication. 

The following is a quotation of the second paragraph of 35 U.S. C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 1 - 7, 9, 13 - 33, and 35 - 40 are rejected under 35 U.S.C. 112, 
second paragraph, as being indefinite for failing to particularly point out and 
distinctly claim the subject matter which applicant regards as the invention. 



Regarding claims 1,17, 26, and 37, the examiner notes that the applicant's 
amendments cause the scope of the claims to become indefinite. The examiner notes 
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that there is no antecedent basis within the applicant's specification for the language of 
the added recitations. Thus, the examiner interprets the applicant's amendments in 
light of the applicant's arguments, wherein the applicant asserts that the claimed 
features are supported within the applicant's disclosure (e.g. par. 64, 65) within the 
context of configuration packets for the configuration of a security processor. However, 
the examiner points out that security processor configuration and IPSec communication 
are distinct processes. Thus, the scope of these claims is indefinite, as it is unclear 
what process the applicant is attempting to claim. 

Regarding claims 17, 26, and 37, the examiner notes that the recitation "as the 
destination address" (e.g. claim 17, line 4) lacks antecedent basis within the claim 
terminology. For the purpose of examination, the examiner presumes the applicant to 
recite "as a destination address". 

Regarding claims 5 - 7, 9, 18, 30, 35, 36 and 38, they are rejected as being 
indefinite. The claim recitation of ". . .a user-specific type field. . ." or ". . .a user-specific 
Ethernet type" lacks a defined and customary meaning to those of ordinary skill in the 
art and the applicant's fail to define "a user-specific type field", thereby rendering the 
scope of these claims indeterminate. For the purpose of examination the examiner 
presumes the applicant to refer to an Ethernet type field as is admitted by the applicant 
to be the subject matter in question (e.g. Remarks, pg. 11). 
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All depending claims to the above rejected claims are rejected by virtue of their 
dependency. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1 - 4, 16 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Bryers et al. (Bryers), U.S. Patent Publication 2003/0126233 in view of 
Hadzic, "Ethernet Packet Encapsulation for Metropolitan Area Ethernet 
Networks", U.S. Patent, 7,130,303 in view of Mercer et al. (Mercer), "Method for 
Establishing a Security Association Between Two or More Computers 
Communicating Via an Interconnected Computer Network", U.S. Patent 
Publication 2003/0018908. 

Regarding claim 1 , as best as can be understood by the examiner, it is noted that 
Bryers discloses 
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receiving in a security processor a first Ethernet packet from an originating 
device (fig. 10, 11, 15a, 16; par. 77, 114 - Herein, Bryers discloses a processing unit, 
such as a router, that performs security processing upon received Ethernet packets; 

Bryers discloses a security processor for processing Ethernet packets delivered 
over a large distributed system (par. 7; fig. 36; par. 488). Bryers, however, does not 
appear to explicitly recite that one Ethernet packet may comprise another Ethernet 
packet. Hadzic discloses the practice of generating an Ethernet packet comprising 
another Ethernet packet for delivery over large distributed systems (Hadzic, fig. 1 , 9; 
1 :44-53). It would have been obvious to one of ordinary skill in the art to employ the 
teachings of Hadzic with the system of Bryers. This would have been obvious because 
one of ordinary skill in the art would have been motivated by the prior teachings that 
such a practice improves the efficiency and security of a network (Hadzic, 1 : 18-44). 

The combination enables: 

the first Ethernet packet comprising a second Ethernet packet... wherein a 
destination address of the second Ethernet packet is an address of the originating 
device (Hadzic, fig. 1, 9; 1:44-53). The examiner notes that combination discloses that 
Ethernet packets comprise addresses of originating devices. The examiner notes that it 
may be possible to suggest that the applicant's recitation of wherein a destination 
address of the second Ethernet packet is an address of the originating device is simply 
a reference to the fact that an address of a sender may be used by a receiver to send 
data to the sender. 
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The combination enables processing encapsulated Ethernet packets according 
to security associations (Bryers, fig. 10), however, the combination does not appear to 
explicitly disclose that a packet comprises a memory address associated with a security 
association, extracting the memory address, retrieving the security association from a 
memory using the received memory address. 

Mercer discloses that for the purpose of handling the requirements of high speed 
networks (Mercer, par. 11), packets should comprise a memory address associated with 
a security association (Mercer, par. 13). Furthermore, processing such packets 
includes extracting the memory address and retrieving a corresponding security 
association from memory (Mercer, fig. 7). 

It would have been obvious to employ the improved packet handling and 
processing techniques of Mercer within the combination. This would have been obvious 
because one of ordinary skill in the art would have been motivated by the teachings of 
prior that show such techniques improve security processing (Mercer, par. 11). 

The combination enables: 

and encrypting at least a portion of the extracted second Ethernet packet 
according to the retrieved security association (Bryers, fig. par. 193, 194, 198). 

Regarding claim 37, it is rejected, at least, for the same reasons as claim 1, and 
furthermore because the combination enables a processing device for operating 
according to the Ethernet and IPSEC protocols and comprising at least one data 
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memory for storing at least one security association; at least one Gigabit MAC for 
receiving at least one second Ethernet packet (Bryers, par. 199, fig. 4). 

Regarding claims 2-4, 16 the combination enables an outer Ethernet header 
and a manufacturer header and wherein the manufacturer header comprises the 
memory address and wherein the outer Ethernet header comprises an Ethernet address 
of the security processor and wherein the extracting step comprises determining 
whether an Ethernet address from the at least one second Ethernet packet matches an 
Ethernet address of the security processor (Bryers, par. 120, 193; Mercer, par. 13). 

Regarding claims 13 - 15, the combination enables wherein the retrieving step 
comprises retrieving the at least one security association from a data memory in a 
security processor and wherein the encrypting step comprises using an encryption key 
associated with the at least one security association and wherein the encrypting step 
comprises using an encryption algorithm defined by the at least one security association 
(Bryers, par. 120, 121, 124). 

Claims 5 - 7, 9 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over the combination of Bryers, Hadzic and Mercer in view of Stevens, TCP/IP 
Illustrated. 
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Regarding claim 5, the combination does not appear to explicitly disclose that 
Ethernet packets comprise user-specific type fields. Stevens discloses that composition 
of packets sent via Ethernet, the composition comprising user-specific type fields 
(Stevens, pg. 23, fig. 2.1). It would have been obvious to one of ordinary skill in the art 
to recognize the teachings of Stevens within the combination of Bryers and Mercer. 
This would have been obvious because one of ordinary skill in the art would have been 
motivated to follow the established standard required to employ Ethernet. 

Regarding claims 6 and 7, the combination enables wherein a first byte of the 
manufacturer header is set to zero, and wherein a portion of the manufacturer header 
following the first byte of the manufacturer header includes the memory address 
(Stevens, pg. 22, 23). 

Regarding claim 9, it is rejected, at least, for the same reasons as claims 5-8. 

Response to Arguments 

Furthermore, Applicant's arguments filed 9/2/08 have been fully considered but 
they are not persuasive. 



Applicant argues essentially that: 
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(i) Thus, the specification describes that the Ethernet type field 62 of a packet may 
include a type uniquely registered to a user (e.g., a company such as Broadcom). 
Accordingly, the recitation "user-specific type" in claims 5, 9, 18, and 30 is supported by 
at least ^[0060] of the specification. (Remarks, pg. 15) 

In response, the examiner respectfully notes that this argument has been 
previously addressed by the office. The examiner respectfully maintains the applicant's 
claims are merely attempting to recite the prior art Ethernet type field while furthermore 
using terminology that is not found within the applicant's disclosure. The applicant is 
reminded that the claims must conform to the invention as set forth in the remainder of 
the specification and the terms and phrases used in the claims must find clear support 
or antecedent basis in the description so that the meaning of the terms in the claims 
may be ascertainable by reference to the description. 

(ii) Thus, Hadzic does not teach or suggest. . . 

Mercer fails to overcome these deficiencies ofBryers and Hadzic... (Remarks, 
pg. 13-15) 

In response, the examiner respectfully notes that the applicant's arguments 
essentially comprise a recitation of the claims and with the assertion that the claims are 
not taught by the prior art. The examiner respectfully notes that such remarks fail to 
comply with 37 CFR 1 . 1 1 1 (b) because they amount to a general allegation that the 
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claims define a patentable invention without specifically pointing out how the language 
of the claims patentably distinguishes them from the references. 



Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

See Notice of References Cited. 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JEFFERY WILLIAMS whose telephone number is 
(571)272-7965. The examiner can normally be reached on 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Jeffery Williams/ 
Examiner, Art Unit 2437 

/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 



